<?php

function sign(&$params) {
	if (isset($params['transTempUrl'])) {
		unset($params['transTempUrl']);
	}
	$params_str = coverParamsToString($params);
	$params_sha1x16 = sha1($params_str, FALSE);
	$cert_path = SDK_SIGN_CERT_PATH;
	$private_key = getPrivateKey($cert_path);
	$sign_falg = openssl_sign($params_sha1x16, $signature, $private_key, OPENSSL_ALGO_SHA1);
	if ($sign_falg) {
		$signature_base64 = base64_encode($signature);
		$params['signature'] = $signature_base64;
	}
}

function verify($params) {
	$public_key = getPulbicKeyByCertId($params['certId']);
	$signature_str = $params['signature'];
	unset($params['signature']);
	$params_str = coverParamsToString($params);
	$signature = base64_decode($signature_str);
	$params_sha1x16 = sha1($params_str, FALSE);
	$isSuccess = openssl_verify($params_sha1x16, $signature, $public_key, OPENSSL_ALGO_SHA1);
	return $isSuccess;
}

function getPulbicKeyByCertId($certId) {
	$cert_dir = SDK_VERIFY_CERT_DIR;
	$handle = opendir($cert_dir);
	if ($handle) {
		while ($file = readdir($handle)) {
			clearstatcache();
			$filePath = $cert_dir . '/' . $file;
			if (is_file($filePath)) {
				if (pathinfo($file, PATHINFO_EXTENSION) == 'cer') {
					if (getCertIdByCerPath($filePath) == $certId) {
						closedir($handle);
						return getPublicKey($filePath);
					}
				}
			}
		}
	}
	closedir($handle);
	return null;
}

function getCertId($cert_path) {
	$pkcs12certdata = file_get_contents($cert_path);

	openssl_pkcs12_read($pkcs12certdata, $certs, SDK_SIGN_CERT_PWD);
	$x509data = $certs['cert'];
	openssl_x509_read($x509data);
	$certdata = openssl_x509_parse($x509data);
	$cert_id = $certdata['serialNumber'];
	return $cert_id;
}

function getCertIdByCerPath($cert_path) {
	$x509data = file_get_contents($cert_path);
	openssl_x509_read($x509data);
	$certdata = openssl_x509_parse($x509data);
	$cert_id = $certdata['serialNumber'];
	return $cert_id;
}

function getSignCertId() {

	return getCertId(SDK_SIGN_CERT_PATH);
}

function getEncryptCertId() {
	return getCertIdByCerPath(SDK_ENCRYPT_CERT_PATH);
}

function getPublicKey($cert_path) {
	return file_get_contents($cert_path);
}

function getPrivateKey($cert_path) {
	$pkcs12 = file_get_contents($cert_path);
	openssl_pkcs12_read($pkcs12, $certs, SDK_SIGN_CERT_PWD);
	return $certs['pkey'];
}

function encryptPan($pan) {
	$cert_path = MPI_ENCRYPT_CERT_PATH;
	$public_key = getPublicKey($cert_path);

	openssl_public_encrypt($pan, $cryptPan, $public_key);
	return base64_encode($cryptPan);
}

function encryptPin($pan, $pwd) {
	$cert_path = SDK_ENCRYPT_CERT_PATH;
	$public_key = getPublicKey($cert_path);

	return EncryptedPin($pwd, $pan, $public_key);
}

function encryptCvn2($cvn2) {
	$cert_path = SDK_ENCRYPT_CERT_PATH;
	$public_key = getPublicKey($cert_path);

	openssl_public_encrypt($cvn2, $crypted, $public_key);

	return base64_encode($crypted);
}

function encryptDate($certDate) {
	$cert_path = SDK_ENCRYPT_CERT_PATH;
	$public_key = getPublicKey($cert_path);

	openssl_public_encrypt($certDate, $crypted, $public_key);

	return base64_encode($crypted);
}

function encryptDateType($certDataType) {
	$cert_path = SDK_ENCRYPT_CERT_PATH;
	$public_key = getPublicKey($cert_path);

	openssl_public_encrypt($certDataType, $crypted, $public_key);

	return base64_encode($crypted);
}
?>